Video Screencast Help
Security Response
Showing posts for October of 2013
Showing posts in English
Christopher Mendes | 30 Oct 2013 07:35:35 GMT

Diwali is just around the corner and many users will be doing their festive shopping online since online shopping is cool, fast and easy these days.

India has come of age when it comes to online shopping. Many Indians are turning towards this easier mode of purchase, which is less time consuming and comes with better bargains. But online shopping is also turning out to be an easy hunting ground for opportunistic cybercriminals. Scammers and fraudsters are once again doing the rounds with "out-of-the-world offers and speedy deliveries" to users’ doorsteps.

In the sample case discussed in this blog, third-party mailers and recently registered spammy domains are being used for nefarious Web activities. The samples discussed below illustrate how the spammers have conducted a thorough study of India’s online shopping environment, and customized their campaigns accordingly.

Subject: This Diwali Gift  B[REMOVED] – A...

Symantec Security Response | 29 Oct 2013 13:03:25 GMT

Today, we are publishing a report on the security risks present on Android app markets in the first half of this year. The report presents trends in malware and madware, the latter referring to apps that use aggressive ad libraries. Ad libraries have the ability to collect information about the app’s user in order to serve targeted advertisements. However, some of these libraries can leak personal information or exhibit annoying behaviors such as displaying ads in the notification bar, creating ad icons or changing Web browser bookmarks. We refer to these libraries as aggressive ad libraries.   

In the middle of this year, 65 ad libraries were known and over 50 percent of them were classified as aggressive. The percentage of apps that use aggressive ad libraries has been on the rise since 2010, increasing every year, and reached 23 percent in the first half of 2013. According to our report, users can expect the most madware when downloading apps from the...

Symantec Security Response | 29 Oct 2013 00:44:11 GMT

Yesterday, the Syrian Electronic Army announced that it had compromised the email accounts of several staff members of Organizing For Action (OFA), a non-profit organization that also maintains the President’s website (barackobama.com), the President’s Facebook, and the President’s Twitter account (@barackobama). A screenshot posted by @Official_SEA16 confirms the hack and indicates some OFA staff were conducting business using Gmail email accounts, hosted through Google Apps for Business.

We accessed many Obama campaign emails accounts to assess his terrorism capabilities. They are quite high #SEA pic.twitter.com/ARgGLX8IjN

— SyrianElectronicArmy (@Official_SEA16)...

Anand Muralidharan | 28 Oct 2013 06:33:53 GMT

Many people are waiting eagerly for Halloween, a holiday filled with mystery, magic and fantasy, where bonfires were lit and costumes were worn to ward off roaming ghosts. As expected, Halloween Day spam messages have started flowing through Symantec’s Probe Network. In this spam, users are asked to complete a fake survey, and then to click a URL containing the spam message, which redirects them to a website with a bogus Halloween Day offer.

 Top word combinations used in spam messages include:

  • Halloween – Costumes
  • Halloween – treat
  • Halloween – Special
  • Halloween – Survey

figure 1.png

Figure 1. The spam asks users to complete a fake survey for an offer

After a user completes the survey, a...

Daniel Regalado | 25 Oct 2013 23:11:17 GMT

backdoor ploutus head.jpg

 

On September 4, 2013, we were the first to discover and add detections for a new malware targeting ATMs named Backdoor.Ploutus, as reported by our Rapid Release Definitions. Recently, we identified a new variant of this threat and realized that it has been improved and translated into English, suggesting that the ATM software is now being used in other countries.

Symantec added a generic detection for this new variant as Backdoor.Ploutus.B on October 25, 2013, so Ploutus can be...

Ben Nahorney | 22 Oct 2013 19:42:40 GMT

It can all start with what looks like an innocuous email containing a link to a potential job opportunity. Or perhaps it’s an unexpected phone call from someone claiming to be a high-ranking employee, asking you to process an invoice sent by email. It may even be lying in wait behind a website you frequently visit for work.

In many ways, targeted attacks have become public enemy number one in the corporate world, if anything, just for the potential havoc a successful attack can wreak. Stolen intellectual property, a loss of faith by customers, or simply general embarrassment are just a few of the potential outcomes of these attacks.

In this month’s Symantec Intelligence Report we take a detailed look at targeted attacks in 2013. While new techniques have yet to...

Satnam Narang | 22 Oct 2013 14:01:06 GMT

Following media reports that Twitter has restricted URLs in direct messages, spammers found a way around this restriction this weekend in order to push diet pill spam links.

Fig1_5.png

Figure 1. A direct message sends users to the tweet containing the spam link

We first noticed this when someone we follow on Twitter, who has never followed us before, started following us. Shortly after receiving the notification that we had a new follower, we received a direct message from the user.

Fig2_3.png...

Kevin Savage | 22 Oct 2013 10:36:43 GMT

While Ransomlock Trojans have plagued the threat landscape over the last few years, we are now seeing cybercriminals increasingly use Ransomcrypt Trojans. The difference between Ransomlock and Ransomcrypt Trojans is that Ransomlock Trojans generally lock computer screens while Ransomcrypt Trojans encrypt (and locks) individual files. Both threats are motivated by monetary gains that cybercriminals make from extorting money from victims.

Recently, a new threat detected by Symantec as Trojan.Cryptolocker has been growing in the wild. Trojan.Cryptolocker encrypts data files, such as images and Microsoft Office documents, and then demands payment through Bitcoin or MoneyPak to decrypt them—all within a countdown time period. This Ransomcrypt Trojan uses strong encryption algorithms which make it almost...

Samir_Patil | 17 Oct 2013 12:23:13 GMT

Contributor: Binny Kuriakose

The funding gap in US, which resulted in a shutdown of a large portion of the United States federal government, has  started affecting economic growth in the country. Large portions of the federal workforce were required to work without immediate pay, while some were indefinitely furloughed.

Symantec recently uncovered spam campaigns, which started promptly following the shutdown announcement, targeting the affected victims. In the past,  spammers tried to take advantage of the general gloom, but now they are directly targeting the raw financial state the sudden shutdown has left people in. This could probably be a last ditch effort to haul in more spoils before the US shutdown is lifted, especially in light of the senate’s deal, which is currently being made to end the shutdown.

This new wave of spam is designed  to manipulate  victims into applying for loans and inevitably disclose their...

Candid Wueest | 16 Oct 2013 15:39:32 GMT

cubes_concept02.png

If Hollywood is to be believed, we will all one day be living in a future filled with robots, or less likely, zombies. Robots are everywhere in our predicted future. A common theme on the silver screen is the artificial intelligence mastermind attempting to take over the world. Another is of robots transforming into alternate shapes or robots with the ability to self-repair. Sadly, we are not yet at the stage where cars can transform into fighting robots while doing a front flip in slow motion to a heavy rock soundtrack, but we are getting closer. Researchers at MIT recently presented their exciting new creations, M-Blocks, signalling a new stage of self assembling robots.

The MIT modular robot cubes can rearrange themselves using internal flywheels...